Chinese Scammers Pretending to be Google Go After Your Business

Scammers are always looking for a way to rip off cash from someone else.

China, our wonderful trading partner that brings us lots of smart, hard-working people also brings us smart hard-working scammers and hackers. Not to mention stealing our intellectual property and massive human rights violations.

The most recent scam I’ve seen is aimed at business people who use Google AdWords.

Over the past two weeks, I received spam that says my Google AdWords Billing information needs to be updated. I didn’t believe that for a second and when I cursored over the link, what showed as https://adwords.google.com in the message was shown as http://adwords.google.com.ork0r.cn/select/Login/ in the status bar.

As you see, that looks like a google URL, until you notice the rest of the domain part up to the slash.

If I wasn’t a veteran of the web since the early 1990s, maybe they could have fooled me. This often fools people who are newer to the web, but it needn’t be that way. Many people don’t understand URLs and several things can cause a problem for you.

The first thing that can get you into trouble is not paying attention. If you don’t pay attention, even a smart person can be tricked into giving up their login and password.

You must always realise that anyone can pretend to be a trusted email sender, creating a message that looks legitimate, from someone you know and trust, but is really a trojan horse silently waiting for you to let your guard down. Email is not a secure system.

Without going into too much detail here, there are two main things to do next. First, determine if the message seems reasonable to you.

There are a few things the scammers still can’t do. They don’t know you or how Google refers to you. The same thing goes for PayPal and Bank scams too. Goggle, PayPal and your Bank call you by name. They will never address you “Dear Google AdWords Customer!” “Dear PayPal Member” or “Dear Customer.” That is the way most of the scam messages look.

If you see that, you should delete the message, end of story. Most times, that will be enough. If your email address contains your name, the scammers could use that information to personalize the message and you could still be vulnerable if you don’t do more checks.

The next thing to look for is the domain name shown in the message. If the message is in plain text format, you will see the URL and you can determine if it is real or not – as long as you understand the construction of URLs. If the message is in HTML format, the scammers have more tricks up their sleeves. They can make the link text on the page say one thing, and send your browser somewhere else when you click the link.

To check that, put your cursor over the link and look down in the email program’s status bar. If you see something other than what you saw printed on the page, you should be suspicious and you need to check the domain name part of the URL. If the rightmost end of the domain name isn’t what you expected, the message is a scam and you should delete it.

Of course, there is one more thing the scammers can do and that is to use javascript in their message. If they do that, they can even make the status bar lie to you, showing the domain you expect. That may induce you to click on the link, but there is one more thing you need to do. Anytime you prepare to enter your login name and password, you must check your browser’s address bar, to make sure you are actually on the site you are expecting. The scammers can easily clone the real destination page, but the address bar will still show their domain name.

Be careful, the scammers will keep sending their garbage to you, changing their approach constantly, just waiting for that one time you lower your guard. Don’t let it happen to you, it can really mess up your business.

Today’s google scam subject line is “Our programme terms have changed.” Look for variations on that theme.

Another day, another headline “Please submit your payment information.” This time, the senders aren’t so smart. They messed up the URL: http://adwords.google.gelisbankcn/select/Login – so this time, we’re safe, the URL doesn’t work.

Alan Gray is the Publisher and Editor-in-Chief of NewsBlaze Daily News and other online newspapers. He prefers to edit, rather than write, but sometimes an issue rears it’s head and makes him start pounding the keyboard. Alan has a fascination with making video and video editing, so watch out if he points his Canon 7d in your direction.